According to its self-reported version number, the version of PHP installed on the remote host is 7.4.x prior to 7.4.33, 8.0.x prior to 8.0.25, or 8.1.x prior to 8.1.12. It is, therefore, affected by multiple vulnerabilities:

An OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630)
A buffer overflow in hash_update() on long parameter. (CVE-2022-37454)

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data

VendorProductVersionCPE
phpphp*cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php	php	*	cpe:2.3:a:php:php::::::::

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454

www.php.net/ChangeLog-8.php#8.1.12

nessus 63

fedora 13

altlinux 4

openvas 42

slackware 2

osv 24

ubuntu 6

gentoo 1

debian 5

almalinux 4

rocky 2

redhat 4

debiancve 2

veracode 2

cve 2

ubuntucve 2

oraclelinux 4

prion 2

alpinelinux 2

redhatcve 2

redos 1

github 1

amazon 3

cloudfoundry 2

cbl_mariner 3

photon 1

nessus

Amazon Linux 2 : php (ALASPHP8.1-2023-001)

2023-09-13 00:00:00

Amazon Linux 2 : php (ALASPHP8.0-2023-004)

2023-09-13 00:00:00

SUSE SLES15 Security Update : php8 (SUSE-SU-2022:4005-1)

2022-11-16 00:00:00

fedora

[SECURITY] Fedora 35 Update: php-8.0.25-1.fc35

2022-11-01 15:57:52

[SECURITY] Fedora 36 Update: php-8.1.12-1.fc36

2022-11-03 15:58:44

[SECURITY] Fedora 37 Update: php-8.1.12-1.fc37

2022-11-10 22:53:48

altlinux

Security fix for the ALT Linux 10 package php8.1 version 8.1.12-alt1

2022-11-03 00:00:00

Security fix for the ALT Linux 10 package php8.2 version 8.1.12-alt1

2022-10-31 00:00:00

Security fix for the ALT Linux 10 package php8.0 version 8.0.25-alt1

2022-11-02 00:00:00

openvas

Fedora: Security Advisory for php (FEDORA-2022-1ecc10276e)

2022-11-04 00:00:00

PHP < 7.4.33, 8.0.x < 8.0.25, 8.1.x < 8.1.12 Security Update - Windows

2022-10-31 00:00:00

Slackware: Security Advisory (SSA:2022-314-01)

2022-11-11 00:00:00

slackware

[slackware-security] php

2022-11-10 19:52:56

[slackware-security] php80/php81

2022-10-31 23:47:05

osv

php7.2, php7.4, php8.1 vulnerabilities

2022-11-08 14:42:27

php7.4 - security update

2022-11-13 00:00:00

Moderate: php:8.1 security update

2023-05-09 00:00:00

ubuntu

PHP vulnerabilities

2022-11-08 00:00:00

Python vulnerability

2023-03-07 00:00:00

Python vulnerability

2023-03-07 00:00:00

gentoo

PHP: Multiple Vulnerabilities

2022-11-19 00:00:00

debian

[SECURITY] [DSA 5277-1] php7.4 security update

2022-11-13 18:52:43

[SECURITY] [DLA 3174-1] pysha3 security update

2022-10-31 10:47:16

[SECURITY] [DSA 5269-1] pypy3 security update

2022-11-02 18:54:47

almalinux

Moderate: php:8.0 security update

2023-02-21 00:00:00

Moderate: php:8.1 security update

2023-05-09 00:00:00

Moderate: php:7.4 security update

2023-05-16 00:00:00

rocky

php security update

2023-04-06 15:53:36

php:8.0 security update

2023-02-22 01:08:53

redhat

(RHSA-2023:2417) Moderate: php:8.1 security update

2023-05-09 05:10:10

(RHSA-2023:2903) Moderate: php:7.4 security update

2023-05-16 05:57:44

(RHSA-2023:0965) Moderate: php security update

2023-02-28 07:53:30

debiancve

CVE-2022-31630

2022-11-14 07:15:00

CVE-2022-37454

2022-10-21 06:15:00

veracode

Arbitrary Code Execution

2022-10-27 03:36:20

Denial Of Service (DoS)

2022-10-28 10:11:51

cve

CVE-2022-31630

2022-11-14 07:15:00

CVE-2022-37454

2022-10-21 06:15:00

ubuntucve

CVE-2022-31630

2022-10-31 00:00:00

CVE-2022-37454

2022-10-21 00:00:00

oraclelinux

php:7.4 security update

2023-05-24 00:00:00

8.1 security update

2023-05-15 00:00:00

php security update

2023-02-28 00:00:00

prion

Design/Logic Flaw

2022-11-14 07:15:00

Integer overflow

2022-10-21 06:15:00

alpinelinux

CVE-2022-31630

2022-11-14 07:15:00

CVE-2022-37454

2022-10-21 06:15:00

redhatcve

CVE-2022-31630

2022-11-02 04:55:54

CVE-2022-37454

2022-11-04 19:26:10

redos

ROS-20221222-04

2022-12-22 00:00:00

github

Buffer overflow in sponge queue functions

2023-04-26 17:39:58

amazon

Important: python3

2022-12-01 20:31:00

Important: python36

2022-12-01 17:34:00

Important: python38

2022-12-01 17:34:00

cloudfoundry

USN-5767-3: Python vulnerability | Cloud Foundry

2023-03-23 00:00:00

USN-5767-1: Python vulnerabilities | Cloud Foundry

2023-01-26 00:00:00

cbl_mariner

CVE-2022-37454 affecting package python3 3.9.14-2

2022-12-19 20:12:40

CVE-2022-37454 affecting package php 8.1.11-2

2022-12-09 00:19:55

CVE-2022-37454 affecting package python3 3.7.13-4

2022-12-27 17:55:44

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0556

2023-03-23 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for WEB_APPLICATION_SCANNING_113424